Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft
File: _ORf1v09kyaEwMW8J_T6YVoQkOA.mft (raw, json)
Hash identifier: hblrF6Ws/NplikrJ+s84TBz51NB/lHtnJyXszakooZA=
Subject key identifier: 42:81:DA:CE:0E:41:DF:70:FA:6D:22:96:F5:8F:69:9F:07:57:1E:20
Authority key identifier: FC:E4:5F:D6:FD:3D:93:26:84:C0:C5:BC:27:F4:FA:61:5A:10:90:E0
Certificate issuer: /CN=fce45fd6fd3d932684c0c5bc27f4fa615a1090e0
Certificate serial: 019D389C45C78F5A826468A5C8D413AD5972
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft
Manifest number: 0F13
Signing time: Sun 29 Mar 2026 08:00:58 +0000
Manifest this update: Sun 29 Mar 2026 08:00:58 +0000
Manifest next update: Mon 30 Mar 2026 08:00:58 +0000
Files and hashes: 1: _ORf1v09kyaEwMW8J_T6YVoQkOA.crl (hash: gqEU4mW2en1ozh81JdiF0HoNMmnRLYZh1ziYnYPTldU=)
2: abxz-YS2pIcWJysLZsLURj3wFjE.roa (hash: v8u8I3KyfjrBtGFxRTuhA7B6RHsn+uH/zjkzCl303+Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:45:c7:8f:5a:82:64:68:a5:c8:d4:13:ad:59:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce45fd6fd3d932684c0c5bc27f4fa615a1090e0
Validity
Not Before: Mar 29 08:00:58 2026 GMT
Not After : Mar 30 08:00:58 2026 GMT
Subject: CN=4281dace0e41df70fa6d2296f58f699f07571e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:61:02:b0:8b:0a:78:b4:cd:0b:d5:89:57:
58:b4:6e:0f:eb:c5:8e:e0:54:cf:ee:a1:49:55:f8:
80:fd:97:ae:a5:77:6e:98:4f:9d:4e:bd:f3:56:3a:
e5:d6:8f:c1:d6:3f:5b:9c:61:4b:40:05:72:04:07:
ec:aa:90:d6:59:fa:21:a2:d5:68:53:2e:37:c8:17:
51:e7:92:20:8c:72:e6:10:64:b5:a7:19:ec:4b:fc:
92:d1:d6:c4:aa:aa:d4:4c:f1:dc:38:fe:52:85:2f:
fa:0e:8a:a0:47:64:18:45:3d:00:97:0b:2e:02:9d:
dc:99:21:89:06:59:d7:59:27:cc:94:de:0f:d9:1d:
bb:c5:7c:74:9d:0a:1b:3b:28:95:a9:61:32:7b:2c:
d9:dc:7f:11:c7:51:f9:bd:a0:f8:9b:3c:7a:d3:00:
72:9b:7d:9e:61:f8:d3:8d:9b:e0:cc:84:92:2a:c2:
5a:63:56:eb:69:60:f5:59:7e:0c:bf:01:57:de:5e:
9a:99:ae:0b:9c:cc:e5:57:9c:bc:3e:4e:94:cf:ff:
8c:32:18:23:13:00:42:6c:62:97:11:31:65:f8:41:
3b:25:99:8a:39:bf:04:6e:23:e6:f4:12:27:b4:ec:
14:5e:5f:00:1c:77:ac:af:29:d5:f8:a2:60:8f:a2:
74:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:81:DA:CE:0E:41:DF:70:FA:6D:22:96:F5:8F:69:9F:07:57:1E:20
X509v3 Authority Key Identifier:
keyid:FC:E4:5F:D6:FD:3D:93:26:84:C0:C5:BC:27:F4:FA:61:5A:10:90:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ba:c2:9b:51:dd:c6:fc:3a:9a:c7:eb:a1:11:55:82:1e:90:1f:
a1:92:cf:9c:c6:90:b6:af:5d:2f:24:e9:a1:b9:6f:81:62:7c:
89:d7:17:c4:16:3e:d9:c2:5b:0e:13:7b:47:46:53:67:6d:ff:
7d:30:e3:7b:13:a0:29:46:be:e2:83:06:f5:8e:19:5d:23:1d:
46:a4:93:cd:ae:09:ad:92:e8:bc:6e:d3:34:b7:33:a2:5e:18:
22:be:7e:9a:00:89:ee:6a:4c:54:62:af:55:e0:e4:36:f0:31:
fc:92:1f:f3:89:5d:71:db:a2:6b:b3:92:fe:67:01:e5:5d:be:
cb:0a:c8:31:e7:97:b1:ec:9c:99:df:e7:ba:3b:9d:80:ae:cf:
e7:ca:3f:18:4d:4b:2b:d8:be:d7:e8:a0:f0:8b:8f:2f:51:36:
a6:31:77:b0:c4:1d:2e:e2:fa:55:f8:93:25:a9:15:4e:08:f3:
19:92:b8:d9:35:4b:e7:c3:4c:ca:ed:83:97:22:4a:53:ee:59:
fe:6d:64:f5:9d:65:72:71:73:f0:5e:4b:86:62:d7:f6:11:d5:
b3:0b:a9:3b:4f:c0:c1:d5:67:02:d1:2e:6a:be:e4:18:43:af:
1c:2e:a0:31:2d:a5:08:16:2f:b7:05:2c:5f:a8:e0:15:66:80:
25:06:a2:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nEXHj1qCZGilyNQTrVlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTQ1ZmQ2ZmQzZDkzMjY4NGMwYzViYzI3ZjRmYTYxNWEx
MDkwZTAwHhcNMjYwMzI5MDgwMDU4WhcNMjYwMzMwMDgwMDU4WjAzMTEwLwYDVQQD
Eyg0MjgxZGFjZTBlNDFkZjcwZmE2ZDIyOTZmNThmNjk5ZjA3NTcxZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS1hArCLCni0zQvViVdYtG4P68WO
4FTP7qFJVfiA/ZeupXdumE+dTr3zVjrl1o/B1j9bnGFLQAVyBAfsqpDWWfohotVo
Uy43yBdR55IgjHLmEGS1pxnsS/yS0dbEqqrUTPHcOP5ShS/6DoqgR2QYRT0Alwsu
Ap3cmSGJBlnXWSfMlN4P2R27xXx0nQobOyiVqWEyeyzZ3H8Rx1H5vaD4mzx60wBy
m32eYfjTjZvgzISSKsJaY1braWD1WX4MvwFX3l6ama4LnMzlV5y8Pk6Uz/+MMhgj
EwBCbGKXETFl+EE7JZmKOb8EbiPm9BIntOwUXl8AHHesrynV+KJgj6J0eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKB2s4OQd9w+m0ilvWPaZ8HVx4gMB8GA1UdIwQY
MBaAFPzkX9b9PZMmhMDFvCf0+mFaEJDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iZjVhNjQtOGFhZi00NGE4LWJhY2Ut
MzY4NTBkZjRlOTk3LzEvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iZjVhNjQtOGFhZi00NGE4LWJhY2UtMzY4NTBkZjRlOTk3
LzEvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAusKbUd3G
/Dqax+uhEVWCHpAfoZLPnMaQtq9dLyTpoblvgWJ8idcXxBY+2cJbDhN7R0ZTZ23/
fTDjexOgKUa+4oMG9Y4ZXSMdRqSTza4JrZLovG7TNLczol4YIr5+mgCJ7mpMVGKv
VeDkNvAx/JIf84ldcduia7OS/mcB5V2+ywrIMeeXseycmd/nujudgK7P58o/GE1L
K9i+1+ig8IuPL1E2pjF3sMQdLuL6VfiTJakVTgjzGZK42TVL58NMyu2DlyJKU+5Z
/m1k9Z1lcnFz8F5LhmLX9hHVswupO0/AwdVnAtEuar7kGEOvHC6gMS2lCBYvtwUs
X6jgFWaAJQaiLg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:48:40 2026 by rpki-client